Australian mobile phone number allocations are trivial to work out from online sources and that leaves you with about 20 million plausible numbers. Then you just fire off a hundred thousand texts a week to random numbers via a half a dozen overseas SMS gateways for a hundred bucks and the Australian phone network dutifully delivers them all.
The texts are deliberately poorly written to weed out the smarter people. So while we’re all ho-hoing about the message the scammers only have to interact with the ones that are mostly likely to fall victim to their scam.
I only asked since i noticed significant increase post the optus hack.
And yeah i figured bruteforcing wast too hard when i was in hs i heard a guy did simmillar thing to identify every student number/email (they where the same thing) in the state. Sent some email status code to every single id and the server dutifully responded with a status indicating which ones existed or not.
Btw did u know if ur on a NAT that blocks torrents (hypotheicaly a university NAT) all u need to do to bypass such a thing is to bruteforce a mac address the network allows through. I heard it was particularly easy since the first half of a mac address is determined by hardware.
It makes no difference.
Australian mobile phone number allocations are trivial to work out from online sources and that leaves you with about 20 million plausible numbers. Then you just fire off a hundred thousand texts a week to random numbers via a half a dozen overseas SMS gateways for a hundred bucks and the Australian phone network dutifully delivers them all.
The texts are deliberately poorly written to weed out the smarter people. So while we’re all ho-hoing about the message the scammers only have to interact with the ones that are mostly likely to fall victim to their scam.
I only asked since i noticed significant increase post the optus hack.
And yeah i figured bruteforcing wast too hard when i was in hs i heard a guy did simmillar thing to identify every student number/email (they where the same thing) in the state. Sent some email status code to every single id and the server dutifully responded with a status indicating which ones existed or not.
Btw did u know if ur on a NAT that blocks torrents (hypotheicaly a university NAT) all u need to do to bypass such a thing is to bruteforce a mac address the network allows through. I heard it was particularly easy since the first half of a mac address is determined by hardware.